Kaspersky Acknowledges Taking Inactive Files in Pursuit of Hackers

Eugene
Kaspersky said his company's widely used antivirus software has copied files
that did not threaten the personal computers of those customers, a sharp
departure from industry practice that could increase suspicions that the
Moscow-based firm aids Russian spies.

The
acknowledgement, made in an interview last Friday as part of the Reuters Cyber
Security Summit, comes days after Kaspersky's company said its software had
copied a file containing US National Security Agency (NSA) hacking tools from
the home computer of an agency worker in 2014."We did nothing wrong,"
Kaspersky said in the interview.

He
said the files containing the NSA hacking tools were taken because they were
part of a larger file that included suspicious software. Such actions occur
only in “very, very, very rare cases,” he added.

A
spokesman at Kaspersky's firm, Kaspersky Lab, told Reuters the company would
never take regular computer files that contained nothing suspicious.

The
firm has for years faced suspicions that it has links with Russian intelligence
and state-sponsored hackers. Kaspersky denies any cooperation with Russian
authorities beyond cybercrime enforcement.

In
September, the US Department of Homeland Security banned Kaspersky software
from use in federal offices, citing the company's ties with Russian
intelligence. The company is the subject of a long-running probe by the US
Federal Bureau of Investigation, sources have told Reuters.

Antivirus
software is designed to burrow deeply into computer systems and has broad
access to their contents, but it normally seeks and destroys only files that
contain viruses or are otherwise threatening to a customer's computers, leaving
all other files untouched.

Searching
for and copying files that might contain hacking tools or clues about
cybercriminals would not be part of normal operations of antivirus software,
former Kaspersky employees and cyber-security experts said.

In
the Reuters interview, conducted at Kaspersky Lab's offices in Moscow, Eugene
Kaspersky said the NSA tools were copied because they were part of a larger
file that had been automatically flagged as malicious.

He
said the software removed from the agency worker's computer included a tool
researchers dubbed GrayFish, which the company has called the most complex
software it has ever seen for corrupting the startup process for Microsoft's
Windows operating system.

Kaspersky
said he had ordered the file to be deleted "within days" because it
contained US government secrets.

But
he defended the broader practice of taking inert files from machines of people
that the company believes to be hackers as part of a broader mission to help
fight cyber crime.

“From
time to time, yes, we have their code directly from their computers, from the
developers’ computers,” Kaspersky told Reuters.

'Improper practice'
Three former Kaspersky employees and a person close to the FBI probe of the
company, who first described the tactic to Reuters this summer, said copying
non-infectious files abused the power of antivirus software. The person
associated with the FBI said in one case Kaspersky removed a digital photo of a
suspected hacker from that person's machine.

Kaspersky
declined to discuss specific instances beyond the NSA case, saying he did not
want to give hackers ideas for avoiding detection.

"Sometimes
we are able to catch cyber criminals, that’s why I am not so comfortable to
speak about this to media," he said in the interview. "Many of them
are very clever, they can learn from what I am saying."

Other
industry experts called the practice improper. Mikko Hypponen, chief research
officer at Finnish security company F-Secure, said that when his firm's
software finds a document that might contain dangerous code, "it will
prompt the user or the administrator and ask if it can upload a copy to
us."

Dan
Guido, chief executive of cyber-security firm Trail of Bits, which has
performed audits on security software, said Kaspersky's practices point to a
larger issue with all antivirus software.

"All
of them aggregate a huge amount of information about their clients, which can be
easily exploited when put in willing hands," he said.

US news
organisations have reported that Kaspersky, or Russian spies hijacking its
service, have been searching widely among customers' computers for secret
files, citing anonymous US intelligence officials. Reuters has not
verified such reports.

Kaspersky
said he hoped to alleviate concerns about his company by opening up his source
code for review by third parties in independently run centers, as well as by
raising the maximum amount it offers for information about security flaws in
its programs to $100,000.

========== Hacking Don't Need Agreements ==========

Just Remember One Thing You Don't Need To Seek Anyone's Permission To Hack Anything Or Anyone As Long As It Is Ethical, This Is The Main Principle Of Hacking Dream

Thank You for Reading My Post, I Hope It Will Be Useful For You

I Will Be Very Happy To Help You So For Queries or Any Problem Comment Below Or You Can Mail Me At Bhanu@HackingDream.net

Bhanu Namikaze

Bhanu Namikaze is an Ethical Hacker, Web Developer, Student and Mechanical Engineer. He Enjoys writing articles, Blogging, Solving Errors, Social Surfing and Social Networking. Feel Free to let me know any of your concerns about hacking or let me know if you need any more methods on hacking anything. Enjoy Learning